<?php  
  session_start();
  include('class.mysql.php');
  $username = $_POST["textUsername"];
  $password = $_POST["textPassword"];

  $mydb = new mysql();
  $connection = $mydb->Connect();
  $sql="select nuptk,kota,no_urut,no_reg,password from login where nuptk='$username' and password='$password'";
	//echo "$sql";	
  $query = $mydb->Query($sql);
  $num = $mydb->FetchNum($query);
  //$kabupaten[]="Pilih kota2";
  if($array= mysql_fetch_row($query))
  {
       setcookie("login", "$username", time()+60*60*24*30);
       $_SESSION["SES_USERNAME"]=$username;
       $_SESSION["SES_NO_REG"]=$array[3];
       $_SESSION["SES_TYPE"]="USR";
       header( 'Location: lihat_data.php' );
  }
  else
  {
       $sql="select username,pesan10 from admin where username='$username' and password='$password'";
       //echo "$sql";	
       $query = $mydb->Query($sql);
       $num = $mydb->FetchNum($query);
       if ($num!=0)
       {
       	   $array= mysql_fetch_row($query);
           setcookie("login", "$username", time()+60*60*24*30);
           setcookie("lctaxdm", "$array[1]", time()+60*60*24*30);
           $_SESSION["SES_USERNAME"]=$username;
           $_SESSION["SES_PROP"]=$array[1];
           if($array[1]=='')
               $_SESSION["SES_TYPE"]="ADM-ALL";
           else
               $_SESSION["SES_TYPE"]="ADM";
           header( 'Location: lihat_data.php' );          
       }
       else
       {
           header( 'Location: index.php?msg=login_failed' ) ;
           $_SESSION["SES_USERNAME"]="";
       }
  }
?>
